Digital Forensics, Computer Forensics, eDiscovery

Griffeye Analyze DI Pro is used by law enforcement agencies and other national security and defence organisations for all sorts of investigations involving large volumes of media files. Although it is perhaps most well known for its application to child exploitation cases, Analyze DI Pro is not designed specifically for use in such investigations.

This tool has a wide variety of add-on functionality, meaning investigators are able to work smarter and faster with automated processes that will categorise and filter out non-pertinent material. Analyze DI Pro is designed for individual investigators, with integrated tools for sorting and efficiently analysing large volumes of media files. In a nutshell, Analyze DI Pro parses images and videos intuitively to return the best results for the user.

Welcome to Logicube’s tutorial on the Falcon-NEO forensic imager. The Falcon-NEO allows you to image directly to or from a network repository using SMB or CIFS protocol, or using iSCSI. Two 10GbE ports provide extremely fast network imaging performance. In this episode we’ll show you how to image from a physical drive connected to the Falcon-NEO, to a network repository, using CIFS protocol. Make sure you have full permissions to the shared resource before attempting to create a network repository on the Falcon-NEO. We strongly suggest that you contact your network administrator to ensure proper permissions have been set up.

We have set up a directory on a computer that is connected to the same network as the Falcon-NEO. By right clicking on the directory and checking the share properties, we can verify that we have full permissions to this share. We’ll now create and mount the repository on the Falcon-NEO.

In the year since Atola launched its new flagship product, Atola TaskForce, the product saw three major firmware updates. The latest, 2019.4 version of TaskForce firmware contains a number of features to assist our users with evidence acquisition.

First and foremost, this release introduces imaging to a file on a target device. This popular functionality allows putting a target device in Storage mode to serve as a destination for multiple image files sequentially created on the drive.

In TaskForce, the Storage mode is activated when selecting a target, and the mode will remain active while the drive remains attached to the powered on TaskForce. When a drive is put in Storage mode for the first time, it is formatted to exFAT with large cluster size (32 MB) to ensure the fastest possible imaging.

Congratulations on your new role! Tell us more about your law enforcement career. How did you get into digital forensics?

Thanks so much! I am excited about the opportunity to come and work for Amped Software. I got into digital forensics in a kind of roundabout way. I earned a Computer Science degree in college and went to work for Apple. After several years of support and QA, I got involved in Audio and Video Production. That led me, eventually into working for the Plano Police Department in Plano, TX, USA in 2014.

Mark Zuckerberg’s new “privacy manifesto” for Facebook marks not just a pivot in terms of how the social network shapes modern-day communication. It also marks what The Verge’s Casey Newton called “the end of the News Feed era.”

Zuckerberg’s opening statement draws a distinction between the “digital equivalent of a town square” which Facebook and Instagram have helped to build over the past 15 years, and the “digital equivalent of the living room” in which more users prefer to spend time together. Most child exploitation domain experts would be quick to point out, however, that child abuse is far more pervasive in living rooms and other private spaces than it is in town squares.

In today’s world everyone is using messenger applications. Many users prefer using messengers that have strong encryption built-in for obvious reasons from confidentiality to hiding data from investigators. One such app used by messengers due to the confidentiality and privacy they provide. Signal is one of these messengers and has been labeled one of the most widely used, next to Telegram, used by people living in regions known for corruption.

May 15, 2019 – MSAB announced today that it has been selected to support the research and development efforts of the FORMOBILE Consortium, which is made up of 19 law enforcement, government, academic, and private sector organizations from across Europe. It is led by the Mittweida University of Applied Sciences. The goal of FORMOBILE is to establish a complete, end to end forensic investigation chain to support law enforcement agencies’ access to mobile device data.